EAP-TTLS: Key derivation per draft-ietf-emu-tls-eap-types-00

Use the TLS-Exporter with the label and context as defined in
draft-ietf-emu-tls-eap-types-00 when deriving keys for EAP-TTLS with TLS
1.3.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
This commit is contained in:
Alexander Clouter 2020-10-16 09:49:38 +01:00 committed by Jouni Malinen
parent c74f230200
commit 647db6a6b5
2 changed files with 42 additions and 6 deletions

View file

@ -268,10 +268,22 @@ static int eap_ttls_avp_encapsulate(struct wpabuf **resp, u32 avp_code,
static int eap_ttls_v0_derive_key(struct eap_sm *sm, static int eap_ttls_v0_derive_key(struct eap_sm *sm,
struct eap_ttls_data *data) struct eap_ttls_data *data)
{ {
const char *label;
const u8 eap_tls13_context[1] = { EAP_TYPE_TTLS };
const u8 *context = NULL;
size_t context_len = 0;
if (data->ssl.tls_v13) {
label = "EXPORTER_EAP_TLS_Key_Material";
context = eap_tls13_context;
context_len = sizeof(eap_tls13_context);
} else {
label = "ttls keying material";
}
eap_ttls_free_key(data); eap_ttls_free_key(data);
data->key_data = eap_peer_tls_derive_key(sm, &data->ssl, data->key_data = eap_peer_tls_derive_key(sm, &data->ssl, label,
"ttls keying material", context, context_len,
NULL, 0,
EAP_TLS_KEY_LEN + EAP_TLS_KEY_LEN +
EAP_EMSK_LEN); EAP_EMSK_LEN);
if (!data->key_data) { if (!data->key_data) {

View file

@ -1271,13 +1271,25 @@ static u8 * eap_ttls_getKey(struct eap_sm *sm, void *priv, size_t *len)
{ {
struct eap_ttls_data *data = priv; struct eap_ttls_data *data = priv;
u8 *eapKeyData; u8 *eapKeyData;
const char *label;
const u8 eap_tls13_context[1] = { EAP_TYPE_TTLS };
const u8 *context = NULL;
size_t context_len = 0;
if (data->state != SUCCESS) if (data->state != SUCCESS)
return NULL; return NULL;
if (data->ssl.tls_v13) {
label = "EXPORTER_EAP_TLS_Key_Material";
context = eap_tls13_context;
context_len = sizeof(eap_tls13_context);
} else {
label = "ttls keying material";
}
eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, eapKeyData = eap_server_tls_derive_key(sm, &data->ssl,
"ttls keying material", NULL, 0, label, context, context_len,
EAP_TLS_KEY_LEN); EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
if (eapKeyData) { if (eapKeyData) {
*len = EAP_TLS_KEY_LEN; *len = EAP_TLS_KEY_LEN;
wpa_hexdump_key(MSG_DEBUG, "EAP-TTLS: Derived key", wpa_hexdump_key(MSG_DEBUG, "EAP-TTLS: Derived key",
@ -1313,12 +1325,24 @@ static u8 * eap_ttls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
{ {
struct eap_ttls_data *data = priv; struct eap_ttls_data *data = priv;
u8 *eapKeyData, *emsk; u8 *eapKeyData, *emsk;
const char *label;
const u8 eap_tls13_context[1] = { EAP_TYPE_TTLS };
const u8 *context = NULL;
size_t context_len = 0;
if (data->state != SUCCESS) if (data->state != SUCCESS)
return NULL; return NULL;
if (data->ssl.tls_v13) {
label = "EXPORTER_EAP_TLS_Key_Material";
context = eap_tls13_context;
context_len = sizeof(eap_tls13_context);
} else {
label = "ttls keying material";
}
eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, eapKeyData = eap_server_tls_derive_key(sm, &data->ssl,
"ttls keying material", NULL, 0, label, context, context_len,
EAP_TLS_KEY_LEN + EAP_EMSK_LEN); EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
if (eapKeyData) { if (eapKeyData) {
emsk = os_malloc(EAP_EMSK_LEN); emsk = os_malloc(EAP_EMSK_LEN);